From ad3b2e9167d372494644b61d22156ea927d4e770 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Wed, 6 Jun 2018 09:18:13 +0000 Subject: [PATCH] working on auto-auth --- lib/extensions.js | 92 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 lib/extensions.js diff --git a/lib/extensions.js b/lib/extensions.js new file mode 100644 index 0000000..d647642 --- /dev/null +++ b/lib/extensions.js @@ -0,0 +1,92 @@ +/* +curl -s --user 'api:YOUR_API_KEY' \ + https://api.mailgun.net/v3/YOUR_DOMAIN_NAME/messages \ + -F from='Excited User ' \ + -F to=YOU@YOUR_DOMAIN_NAME \ + -F to=bar@example.com \ + -F subject='Hello' \ + -F text='Testing some Mailgun awesomeness!' +*/ +module.exports.authenticate = function (opts) { + var util = require('util'); + var requestAsync = util.promisify(require('request')); + var state = opts.state; + var jwtoken = opts.auth; + var mailer = { + user: 'wizard@telebit.cloud' + , secret: 'fbbf21d73c9d2f480bd0e71f5f18494e' + }; + var crypto = require('crypto'); + if (!state._auths) { + state._auths = {}; + } + + if ('{' === jwtoken) { + try { + auth = JSON.parse(auth); + } catch(e) { + auth = null; + } + if (auth && /^.+@.+\..+$.test(auth.subject)) { + var id = crypto.randomBytes(16).toString('hex'); + state._auths[id] = {}; + return requestAsync({ + url: 'https://api.mailgun.net/v3/YOUR_DOMAIN_NAME/messages' + , method: 'POST' + , auth: { user: 'api', pass: 'key-70ef48178081df19783ecfbe6fed5e9a' } + , formData: { + from: 'Telebit Wizard ' + , to: auth.subject + , subject: 'Telebit: Magic Link Login' + , text: "Here's your magic login link. Just click to confirm your login attempt:\n\n" + + ' https://www.telebit.cloud/login/?magic=' + id + '\n\n' + + "The login request came from '" + auth.hostname + "'\n " + + "(" + auth.os_arch + " " + auth.os_platform + " " + auth.os_release + ")\n" + } + }).then(function () { + console.log("[DEBUG] email was sent, or so they say"); + return new state.Promise(function (resolve, reject) { + // TODO use global interval whenever the number of active links is high + var t = setTimeout(function () { + delete state._auths[id]; + var err = new Error("Login Failure: Magic Link was not clicked within 5 minutes"); + err.code = 'E_LOGIN_TIMEOUT'; + reject(); + }, 300 * 1000); + + function authorize() { + clearTimeout(t); + delete state._auths[id]; + var hri = require('human-readable-ids').hri; + var hrname = hri.random() + '.telebit.cloud'; + var jwt = require('jsonwebtoken'); + var tokenData = { + domains: [ hrname ] + , ports: [ 1024 + Math.round(Math.random() * 6300) ] + , aud: 'telebit.cloud' + , iss: Math.round(Date.now() / 1000) + , id: id + }; + tokenData.jwt = jwt.sign(tokenData, state.secret); + resolve(tokenData); + } + + state._auths[id] = { + fn: authorize + , dt: Date.now() + , reject: reject + }; + + }); + }); + } + } + + try { + decoded = jwt.decode(jwtoken, { complete: true }); + } catch(e) { + decoded = null; + } + + return state.defaults.authenticate(opts.auth); +};